modules/hgweb/manifests/init.pp - Issue 29323409: Issue 2867 - Introduce module hgweb and corresponding server role

Side by Side Diff: modules/hgweb/manifests/init.pp

Issue 29323409: Issue 2867 - Introduce module hgweb and corresponding server role (Closed)

Patch Set: Issue 2867 - Now the complete patch-set again Created Aug. 17, 2015, 6:17 p.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 # == Class: hgweb

	2 #

	3 # A hgweb server setup.

	4 #

	5 # === Parameters:

	6 #

	7 # [domain]

	8 # The auhority part of the URL the instance is associated with.

	9 #

	10 # [is_default]

	11 # Whether the $domain shall become set up as default (or fallback)

	12 # within the HTTP daemon.

	13 #

	14 # [certificate]

	15 # The name of the SSL certificate file within modules/private/files, if

	16 # any. Requires a private_key as well.

	17 #

	18 # [private_key]

	19 # The name of the private key file within modules/private/files, if any.

	20 # Requires a certificate as well.

	21 #

	22 # [hgaccess]

	23 # A prototype directory source for the hgaccess repository.

	24 #

	25 # === Examples:

	26 #

	27 # class {'hgweb':

	28 # domain => 'localhost',

	29 # }

	30 #

	31 class hgweb(

	32 $domain,

	33 $is_default = false,

	34 $certificate = hiera('hgweb::certificate', 'undef'),

	35 $private_key = hiera('hgweb::private_key', 'undef'),

	36 $hgaccess = 'puppet:///modules/hgweb/hgaccess',

	37 ) {

	38

	39 include ssh, nginx

	40

	41 $required_packages = ['mercurial-common', 'python-flup', 'spawn-fcgi']

	42 ensure_packages($required_packages)

	43

	44 class {'sitescripts':

	45 sitescriptsini_content => template('hgweb/sitescripts.ini.erb'),

	46 }

	47

	48

	49 user {'hg':

	50 comment => 'hgweb',

	51 groups => ['www-data'],

	52 home => '/home/hg',

	53 managehome => true,

	54 shell => '/bin/bash',

	55 }

	56

	57 file {'/home/hg/.ssh':

	58 ensure => 'directory',

	59 group => 'hg',

	60 mode => 0750,

	61 owner => 'hg',

	62 require => User['hg'],

	63 }

	64

	65 file {'/home/hg/web':

	66 ensure => 'directory',

	67 group => 'hg',

	68 mode => 0755,

	69 owner => 'hg',

	70 require => User['hg'],

	71 }

	72

	73 file {'/home/hg/web/hgaccess':

	74 ensure => 'directory',

	75 group => 'hg',

	76 mode => 0644,

	77 owner => 'hg',

	78 recurse => true,

	79 replace => false,

	80 require => File['/home/hg/web'],

	81 source => $hgaccess,

	82 }

	83

	84 file {'/home/hg/web/hgaccess/.hg/hgrc':

	85 content => template('hgweb/hgrc.erb'),

	86 group => 'hg',

	87 mode => 0644,

	88 owner => 'hg',

	89 require => [

	90 Class['sitescripts'],

	91 Exec['hgaccess_init'],

	92 ],

	93 }

	94

	95 exec {'hgaccess_init':

	96 command => 'hg init .',

	97 creates => '/home/hg/web/hgaccess/.hg',

	98 cwd => '/home/hg/web/hgaccess',

	99 logoutput => true,

	100 path => '/usr/local/bin:/usr/bin:/bin',

	101 require => File['/home/hg/web/hgaccess'],

	102 user => 'hg',

	103 }

	104

	105 exec {'hgaccess_commit':

	106 command => 'hg add . && hg commit -u Puppet -m "Initial commit"',

	107 creates => '/home/hg/.ssh/authorized_keys',

	108 cwd => '/home/hg/web/hgaccess',

	109 environment => ['PYTHONPATH=/opt/sitescripts'],

	110 logoutput => true,

	111 path => '/usr/local/bin:/usr/bin:/bin',

	112 require => [

	113 File['/home/hg/web/hgaccess/.hg/hgrc'],

	114 File['/home/hg/.ssh'],

	115 ],

	116 user => 'hg',

	117 }

	118

	119 concat::fragment {'sshd_user_hg':

	120 content => 'Match User hg

	121 AllowTcpForwarding no

	122 X11Forwarding no

	123 AllowAgentForwarding no

	124 GatewayPorts no

	125 ForceCommand cd ~/web && PYTHONPATH=/opt/sitescripts hg-ssh $HGREPOS

	126 ',

	127 order => '99',

	128 target => 'sshd_config',

	129 }

	130

	131 file {'/etc/hgweb.ini':

	132 mode => 644,

	133 require => Package[$required_packages],

	134 source => 'puppet:///modules/hgweb/hgweb.ini',

	135 }

	136

	137 file {'/opt/hgweb.fcgi':

	138 mode => 755,

	139 require => File['/etc/hgweb.ini'],

	140 source => 'puppet:///modules/hgweb/hgweb.fcgi',

	141 }

	142

	143 file {'/etc/init.d/hgweb':

	144 mode => 755,

	145 require => File['/opt/hgweb.fcgi'],

	146 source => 'puppet:///modules/hgweb/hgweb.sh',

	147 }

	148

	149 file {'/home/hg/web/robots.txt':

	150 group => 'hg',

	151 mode => 0644,

	152 owner => 'hg',

	153 require => File['/home/hg/web'],

	154 source => 'puppet:///modules/hgweb/robots.txt',

	155 }

	156

	157 service {'hgweb':

	158 enable => true,

	159 ensure => 'running',

	160 hasrestart => true,

	161 hasstatus => false,

	162 pattern => 'hgweb.fcgi',

	163 require => File['/etc/init.d/hgweb'],

	164 subscribe => File['/etc/hgweb.ini'],

	165 }

	166

	167 nginx::hostconfig {$domain:

	168 certificate => $certificate ? {

	169 'undef' => undef,

	170 default => $certificate,

	171 },

	172 source => 'puppet:///modules/hgweb/nginx.conf',

	173 is_default => $is_default,

	174 log => 'access_log_hg',

	175 private_key => $private_key ? {

	176 'undef' => undef,

	177 default => $private_key,

	178 },

	179 }

	180 }

OLD	NEW

« modules/hgweb/files/nginx.conf ('K') | « modules/hgweb/files/robots.txt ('k') | modules/hgweb/templates/hgrc.erb » ('j') | no next file with comments »